"ESF Members NSA and CISA Provide Threat Assessment, Best Practices for 5G Network Slicing"
Enduring Security Framework (ESF) partners, in collaboration with experts from the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA), published an assessment of potential threats associated with 5G network slicing, as well as strategies to help keep this emerging technology secure. The 5G technology standard for broadband cellular networks has the potential to increase data download and upload speeds, reduce latency, and enable more devices to connect to the Internet at the same time. Network slicing is a 5G network architecture that allows mobile service providers to divide their network into several independent "slices" in order to create specific virtual networks for different clients and use cases. The new report identifies management strategies to ensure each network slice's confidentiality, integrity, and availability. The Department of Defense (DOD) is integrating 5G technology into its enterprise. The ability to slice the network across the entire 5G system is a critical new capability that 5G provides over LTE. Therefore, the ability to use network slicing in a secure manner is required if the DOD is to use the feature, according to Andrew Thiessen, Chief Technologist of the DOD 5G Cross Functional Team. This assessment's threat and security considerations are aimed at mobile service providers, hardware manufacturers, software developers, and system integrators who design, deploy, operate, or maintain 5G networks. As new 5G policies and standards are released, there is still the possibility of end-user threats. There are risks associated with standard development, such as standard bodies developing optional controls that operators do not implement. Operators may introduce gaps in the network and invite malicious threat actors if these subjective security measures are not implemented. This article continues to discuss the 5G network slicing threat assessment and best practices published by the ESF, NSA, and CISA.